Don’t Forget Safe Mode

A few days ago, a friend called me, distressed because she couldn’t get her computer to do anything. She kept saying something about a program telling her she had multiple viruses and malware, and to buy something. I told her to stop, don’t do anything, and I’d be right over.

I got there, and she said her son admitted to downloading some online golf program from a site he’d never been to before. She then said she’d been trying to download an antivirus program, but she’d lost her internet connection. I told her that if she didn’t already have an antivirus program on her computer that it was too late.

I put in my USB drive and was able to move the programs I was going to try to run onto her desktop. However, none of my programs would open. I tried opening some things on her computer. The browser would open, but it wouldn’t access the internet. The explore window opened, but none of the programs would open. I couldn’t get the task manager or control panel to open. And I couldn’t get to the C prompt either.

I tried rebooting first, but to no avail. I then remembered to boot up into safe mode. That was smart, but none of the programs I needed to access were there. See, when you boot into safe mode, you’re suddenly someone else, probably the administrator, and the administrator didn’t have access to the desktop of the original user. So, I had to reboot normally, then move everything to the C drive, and reboot again into safe mode.

Once it was back up, I went to the C drive and decided to start with Stinger. It’s the quick down and dirty virus checker from McAfee, free always. The problem, though, is that I had a version from last September; you always need to keep up to date if you’re going to use Stinger. It found nothing, which I figured might happen.

Next I decided to run the major program, Combofix. A few months ago, I worked on one of my computers, and I was able to get rid of every virus and spyware/adware piece of junk except one Trojan that just wouldn’t go away. Running Combofix killed it. Usually it likes to access the internet while it’s doing its thing, but in this case, you can’t access the internet while in safe mode. But I knew I had the latest version, as I’d downloaded it before I went to my friend’s house, so I wasn’t worried about it.

I ran the program, and it took about 25 minutes. It needed to; it’s hard to believe, but in one download her computer ended up with almost 200 viruses and registry entries. You never know what you’re going to get if you load something and haven’t verified where it came from. But at this point the computer was pretty clean.

While still in safe mode, I went into the control panel, then into add/remove programs. I knew which programs were associated with the virus; I can’t tell you why, but I just did. I deleted every program, and since it couldn’t access the internet or give me any other grief, especially after the cleaning Combofix gave it, they all went away submissively.

I booted the computer system back into real time, and it came up with no issues except not having any protection. I decided to start off with Zone Alarm, which added a firewall to her computer. You can’t use Zone Alarm with Vista unless your computer is 32-bit, which mine isn’t. But it’s a great program, and fairly easy to use for the uninitiated. It’s always best to start by adding the firewall program first to block anything sneaky that might still be on the computer.

Then I put on AVG’s free antivirus program, and, because I know she and her family don’t have a real clue as to how to protect themselves, I added the security toolbar, which I wouldn’t use myself. Then, for a final bit of protection, I added AdAware for spyware/malware checking, and decided to go ahead and run that. It found 114 instances total of spyware and malware; I started thinking that maybe some of this stuff was there before today’s incursion.

However, after just about 4 hours, her computer was clean, and now it was protected. But it could have taken a heck of a long time if I hadn’t remembered safe mode. So, now you won’t forget it either. But protect yourselves!

Yeah yeah,… one day you Mac people will get something really serious and have no idea how to get rid of it. Then you’ll be saying “man, I wish we had all this information to research like the Windows people do.” lol

hi Mitch,
It seems like viruses are getting more and more common. I’m not sure that many people realize you can get them just by visiting an infected site. You don’t have to “download” anything or open an email attachment. And some LEGIT sites are getting infected, so just by visiting them, you can get infected. Bad stuff. That’s why anti-virus programs and firewalls are a MUST today. I say a pox on virus writers!
Good post by the way. 🙂 And very nice of you to help your friend!
Stay “safe”! 🙂
Steve, the trade show guru

Hey Steve, it’s what I do. lol You know, though, Firefox will stop you from going to some sites that they know are bad; I don’t know if IE does that or not. But when one has kids, one never knows what they’ll do.

Yeah, I’m a great friend; then she gave me the old style animal crackers as a treat. I love those things!

I couldn’t agree more with what you’ve said here, Mitch. Safe mode is crucial, especially when our computers have been infected with viruses or malware! I mostly log in to safe mode, scan it with antivirus and delete them permanently.

I have to admit, Wil, safe mode isn’t always the first thing I think of. But something safe mode will let you do is install programs you might need when the regular mode won’t get it done, which is always good to know. Now if I’ll only remember it.

For me it is one of the first things I think of. Since I am a non-techie guy, it is something I can do. Sadly, once I am there I don’t have a clue how to proceed further.